---
title: Where do I go from here?
course: intro_pentest
section: "Maintaining Access with Backdoors and Rootkits"
layout: lesson
---

After mastering the basics of backdoors and rootkits, you should expand your
horizons by exploring similar tools, including Ncat and Socat. Ncat is a
modernized version of the original Netcat tool and is included as part of the
Nmap project. Ncat improves on the original tool by including many of the
original features plus SSL and IPv6 support. Socat is another close Netcat
relative that is great for reading and writing network traffic. Socat also
extends the original functionality of Netcat by adding support for SSL, IPv6 and
several other advanced features.

If you are interested in learning more about backdoors, you should spend time
exploring a couple of classic examples including Back Orifice and SubSeven. Back
Orifice allows a user to command and control a remote machine. The program was
originally released by Sir Dystic in 1998. You can listen to the original talk
titled “Cult of the Dead Cow: The announcement of Back Orifice, DirectXploit,
and the modular ButtPlugins for BO” by reviewing the Defcon 6 media archives.

Sub7 was originally released in 1999 by Mobman and functions in a client/server
manner similar to Back Orifice. Like each of the other tools discussed in this
chapter, Sub7 is software that allows a client to remotely control a server.
One interesting point about Sub7 is that after a six-year hiatus, during which
no development occurred, the project was revived and updated.

If you are interested in expanding your knowledge of rootkits, it’s important to
study and master the inner workings of modern operating systems. Learning the
intricate details of an operating system kernel may seem daunting at first, but
it’s well worth your time.

This chapter provided a basic overview of the functionality and use of rootkits.
It’s important to understand that this material only scratches the surface of
rootkits. Advanced topics include hooking system and function calls and
understanding the difference between user-mode and kernel-mode kits. Developing
a solid grasp of systems programming and programming languages can be extremely
beneficial as well.
